This year saw a number of remarkable events and benchmarks in cybersecurity. As we close out the year, let’s take a look back at the top five cybersecurity takeaways of 2015. 1) Cybercrime is at its most expensive, and the costs are rising. Other than securing sensitive information, perhaps the most important aspect of cybersecurity is its potential to save…

In the wake of CISA, many cybersecurity experts have been touting the fatal flaw of the proposed bill not as privacy, but rather its inability to prevent attacks. A recent piece on The Intercept describes how many of the large attacks that occurred recently were a result of factors that CISA would not prevent, like inside jobs, out-of-date servers, weaknesses…

The federal government has the difficult task of balancing the protection of consumer privacy while also aiding law enforcement in the fight against criminal behavior, spying, and terrorism. Earlier this month, the Obama administration announced that they will not call for legislation requiring companies to provide law enforcement with a “back door” to encrypted communications. Major tech companies like Apple…

You know there’s a major problem with mobile security when the United States Secret Service starts talking about it. Last week, the Secret Service issued a warning about a recent wave of identity theft incidents involving mobile payment systems. According to the Secret Service’s advisory, a growing number of criminals are exploiting vulnerabilities in near-field communication (NFC)-based mobile payment systems…

Over the past couple of weeks, political blogs have been abuzz over rumors that Senate Majority Leader Mitch McConnell (R-Ky) would be moving to vote on the Cybersecurity Information Sharing Act before the summer recess (which starts August 8). Advocates of the bill panicked about whether the vote could be hurried and whether it would have enough support when it…

The number of data breaches has continued to grow over the past two years, hitting a peak in 2014, which became known as “the year of the data breach.” Along with the major data breaches we saw in 2014, there was a spike in interest around a relatively new type of protection for businesses: cyber insurance. A recent article in…

When you store your data in the cloud, the reality is that it usually lives on a server within a massive data center made up of many servers. Each server generally hosts multiple virtual machines that act as separate environments for individual accounts, allowing the provider to store your data in a way that keeps it segregated from other people’s…

The 2015 Verizon Data Breach Investigations Report, published since 2008, was released last month, and it details a thorough investigation of common data security threat patterns, as well as the effects of different kinds of data breaches in various industries. Called “the Data Breach Bible” by Tripwire, the report compiled the data of nearly 80,000 security incidents and more than…

The Apple Watch is scheduled to ship on April 24th, and with a recent controversy over fraud on Apple’s mobile payment platform, people are asking tough questions about the security of their new smartwatch, especially about how it syncs with Apple Pay. (To learn more about how Apple Pay works – hint: tokenization – read this post.) Much like the…

AT&T just got the bill for its insider data breach, and it’s in the ballpark of a $25 million civil penalty settled in conjunction with the FCC. In 2013 and 2014, employees at call centers in Mexico, Colombia, and the Philippines used proprietary network information to gain unauthorized access to PII (personally identifiable information) for more than 275,000 customers and…